General

  • Target

    e58844223644715d3e61bc2b89a96f00_JaffaCakes118

  • Size

    109KB

  • Sample

    240407-wnrx5sah26

  • MD5

    e58844223644715d3e61bc2b89a96f00

  • SHA1

    4d6ce837bf5a0a5fd52dba326bde2b894461bee2

  • SHA256

    3d6d1d1d6cf7c5be212ec2729fd80784d029ccfef556b3e3212d5c3b38b5e6c3

  • SHA512

    f02bd5531c655a884b22b7d66ed4f73e1bf23a27fac7192d7fe90982cdcdc554651ea223b2ff3b24969e5281abdb9ea41f33fa8051d84d41e5f1e0f6816ba054

  • SSDEEP

    3072:FStxbkii+Mb855aIKLA6mqECnHUflav74MfxHG1c:Fmx9VMo1vdcHUNav74kRGe

Score
10/10

Targets

    • Target

      Picture57.JPG_www.facebook.com

    • Size

      125KB

    • MD5

      863747a7fc81d2bd999583fa15aa274e

    • SHA1

      454cf55c7e5d69af622e6fc8f38d20f84bf6ddea

    • SHA256

      4ff9e0fd11df6fcb1e2d5bab71b18f38eaff07905d54e241cbe69e304609cca8

    • SHA512

      84abe585f7f0a4d9b79f322234d4ec5f92f8cb8f788ea3a8c37817a857c48a432904f64c3c3b6289214a55e77aa910752ba8ce82c177c3bde5a698f653f8b4db

    • SSDEEP

      3072:NRRRHMQJS0hzH5aIKLA6mqECDHUflav74MfZ3g:fLXJvhjvdiHUNav74kx

    Score
    10/10
    • Modifies firewall policy service

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
